OTL logfile created on: 1/21/2013 4:46:57 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\TH Montano\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
4.00 Gb Total Physical Memory | 1.58 Gb Available Physical Memory | 39.59% Memory free
8.17 Gb Paging File | 2.45 Gb Available in Paging File | 29.95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 454.36 Gb Total Space | 229.40 Gb Free Space | 50.49% Space Free | Partition Type: NTFS
Drive D: | 11.40 Gb Total Space | 1.21 Gb Free Space | 10.57% Space Free | Partition Type: NTFS
Drive E: | 57.60 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 446.77 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive H: | 930.86 Gb Total Space | 812.17 Gb Free Space | 87.25% Space Free | Partition Type: NTFS
Computer Name: THMONTANO-PC | User Name: TH Montano | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - File not found --
PRC - [2013/01/21 16:46:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\TH Montano\Downloads\OTL.exe
PRC - [2013/01/21 16:42:32 | 000,396,288 | ---- | M] (Trend Micro Inc.) -- C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
PRC - [2013/01/19 11:52:53 | 006,516,280 | ---- | M] (AVAST Software) -- C:\Users\TH Montano\AppData\Local\Temp\_av_sfx.tm~a06108\avast.setup
PRC - [2013/01/19 11:52:00 | 093,654,616 | ---- | M] () -- C:\Users\TH Montano\AppData\Local\Temp\ssdl4698.exe
PRC - [2013/01/14 20:58:42 | 028,792,472 | ---- | M] (Dropbox, Inc.) -- C:\Users\TH Montano\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012/12/23 22:13:16 | 000,976,728 | ---- | M] (Trusteer Ltd.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2012/12/18 08:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/11/22 10:29:16 | 003,290,304 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/11/07 16:29:30 | 001,673,048 | ---- | M] (Trusteer Ltd.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
PRC - [2012/10/17 00:46:34 | 001,573,576 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2012/10/09 10:53:36 | 004,441,920 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\TH Montano\AppData\Local\Akamai\netsession_win.exe
PRC - [2012/10/01 17:04:36 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe
PRC - [2012/05/01 08:28:02 | 000,024,576 | ---- | M] (doubleTwist Corporation) -- C:\Program Files (x86)\doubleTwist 2.0\DoubleTwist.DeviceHelper.exe
PRC - [2012/02/27 03:52:20 | 000,038,248 | ---- | M] (Mindjet) -- C:\Program Files (x86)\Mindjet\MindManager 10\MmReminderService.exe
PRC - [2011/06/17 11:33:04 | 000,272,528 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe
PRC - [2010/09/14 13:45:30 | 000,045,056 | ---- | M] (Intuit) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2009/10/01 02:22:42 | 000,131,072 | ---- | M] (Intuit, Inc.) -- C:\Program Files (x86)\Intuit\QuickBooks 2009\QBDBMgrN.exe
PRC - [2009/01/12 08:54:02 | 000,669,520 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
PRC - [2008/12/09 08:32:06 | 000,055,120 | ---- | M] (NewSoft Technology Corporation) -- C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\PMSpeed.exe
PRC - [2008/06/13 11:06:50 | 000,034,096 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
PRC - [2008/06/13 11:06:48 | 000,021,296 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
PRC - [2008/05/27 15:19:42 | 000,032,768 | ---- | M] (SHARP CORPORATION) -- C:\Program Files (x86)\SHARP\Sharpdesk\SharpTray.exe
PRC - [2008/05/26 02:28:04 | 000,704,512 | ---- | M] (SHARP CORPORATION) -- C:\Program Files (x86)\SHARP\Sharpdesk\FTPServer.exe
PRC - [2008/05/26 02:21:08 | 000,548,864 | ---- | M] (SHARP CORPORATION) -- C:\Program Files (x86)\SHARP\Sharpdesk\nsapp.exe
PRC - [2008/05/24 12:40:24 | 000,463,360 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP KEYBOARD\HPKEYBOARD.EXE
PRC - [2008/05/15 18:09:34 | 000,080,176 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Controls\Controls.exe
PRC - [2008/05/15 18:02:54 | 003,590,960 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\SmartCenter 2.0\SmartCenter.exe
PRC - [2008/05/15 18:00:46 | 000,080,176 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Messages\Messages.exe
PRC - [2008/05/15 04:27:44 | 000,180,313 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\Smon.exe
PRC - [2008/05/03 14:15:46 | 000,065,536 | ---- | M] (Hewlett-Packard) -- c:\Program Files (x86)\Hewlett-Packard\HP Touch Screen Enhance Service\HPTSEnProxy.exe
PRC - [2008/05/03 14:15:42 | 000,101,376 | ---- | M] (Hewlett-Packard) -- c:\Program Files (x86)\Hewlett-Packard\HP Touch Screen Enhance Service\HPTSEnSrv.EXE
PRC - [2008/04/24 14:59:36 | 000,202,024 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2008/04/24 14:59:26 | 001,135,912 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
PRC - [2008/04/18 17:32:22 | 002,199,552 | ---- | M] () -- C:\Program Files (x86)\HP\Buttons & OSDs control application gen2\MediaButtons.exe
PRC - [2008/04/09 18:01:46 | 000,102,400 | ---- | M] () -- C:\WINDOWS\SysWOW64\OSDForm.exe
PRC - [2008/01/18 09:04:56 | 003,641,344 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe
PRC - [2007/04/18 09:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe
========== Modules (No Company Name) ==========
MOD - [2013/01/19 11:52:00 | 093,654,616 | ---- | M] () -- C:\Users\TH Montano\AppData\Local\Temp\ssdl4698.exe
MOD - [2013/01/19 09:00:56 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f042f66c2ad8fd5b8c34fa22cd22079e\System.Management.ni.dll
MOD - [2013/01/19 08:55:47 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\56e40fa3c6d2f2a4200ee4e11fce57e7\System.ServiceProcess.ni.dll
MOD - [2013/01/19 08:55:39 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\9b2eef59d0cfc5aff182d0951de5f040\Accessibility.ni.dll
MOD - [2013/01/19 08:54:57 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\004bc6615f9c06df5c98859d35149fe6\System.Configuration.ni.dll
MOD - [2013/01/19 08:54:51 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll
MOD - [2013/01/19 08:54:27 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0c3da9004b277959e24a9fd606d3dd05\System.Windows.Forms.ni.dll
MOD - [2013/01/19 08:54:15 | 001,593,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll
MOD - [2013/01/19 08:52:17 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll
MOD - [2013/01/19 08:52:00 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll
MOD - [2013/01/07 18:06:22 | 000,460,392 | ---- | M] () -- C:\Users\TH Montano\AppData\Local\Google\Chrome\Application\24.0.1312.52\ppgooglenaclpluginchrome.dll
MOD - [2013/01/07 18:06:21 | 012,459,624 | ---- | M] () -- C:\Users\TH Montano\AppData\Local\Google\Chrome\Application\24.0.1312.52\PepperFlash\pepflashplayer.dll
MOD - [2013/01/07 18:06:19 | 004,012,648 | ---- | M] () -- C:\Users\TH Montano\AppData\Local\Google\Chrome\Application\24.0.1312.52\pdf.dll
MOD - [2013/01/07 18:05:29 | 000,598,120 | ---- | M] () -- C:\Users\TH Montano\AppData\Local\Google\Chrome\Application\24.0.1312.52\libglesv2.dll
MOD - [2013/01/07 18:05:28 | 000,124,520 | ---- | M] () -- C:\Users\TH Montano\AppData\Local\Google\Chrome\Application\24.0.1312.52\libegl.dll
MOD - [2013/01/07 18:05:25 | 001,553,000 | ---- | M] () -- C:\Users\TH Montano\AppData\Local\Google\Chrome\Application\24.0.1312.52\ffmpegsumo.dll
MOD - [2012/11/14 04:01:40 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7ad9c44df3b85848590e63f13fc59804\mscorlib.ni.dll
MOD - [2012/10/05 04:59:08 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2012/10/05 04:59:03 | 003,194,880 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2012/10/05 04:59:03 | 000,630,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2012/08/21 17:18:44 | 000,557,056 | ---- | M] () -- C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
MOD - [2012/05/28 14:43:20 | 000,520,464 | ---- | M] () -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\39624\RapportMS.dll
MOD - [2012/05/01 08:27:23 | 000,228,864 | ---- | M] () -- C:\Program Files (x86)\doubleTwist 2.0\WmdmDevice.dll
MOD - [2012/05/01 08:27:07 | 000,085,504 | ---- | M] () -- C:\Program Files (x86)\doubleTwist 2.0\WIA.dll
MOD - [2012/02/27 03:51:34 | 000,151,376 | ---- | M] () -- C:\Program Files (x86)\Mindjet\MindManager 10\zlib.dll
MOD - [2012/02/13 05:02:15 | 001,249,280 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
MOD - [2012/02/13 05:02:09 | 005,283,840 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
MOD - [2012/02/13 05:02:04 | 004,214,784 | ---- | M] () -- C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
MOD - [2011/12/26 20:51:23 | 005,251,072 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
MOD - [2011/09/27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/08/26 15:58:29 | 000,034,816 | ---- | M] () -- C:\Program Files (x86)\Google\Google Desktop Search\gzlib.dll
MOD - [2009/03/29 22:42:20 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2009/03/29 22:42:19 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2009/03/29 22:42:18 | 000,970,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
MOD - [2009/03/29 22:42:18 | 000,372,736 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
MOD - [2009/03/29 22:42:17 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2009/03/29 22:42:13 | 000,659,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
MOD - [2009/03/29 22:42:10 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
MOD - [2009/02/18 12:39:19 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
MOD - [2009/02/18 12:39:19 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
MOD - [2009/02/18 12:39:17 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
MOD - [2008/12/22 08:50:28 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll
MOD - [2008/11/21 12:58:42 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll
MOD - [2008/07/16 07:40:42 | 000,894,256 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LUZHP\2.0.0.0__5b744bac3e20de8f\LUZHP.dll
MOD - [2008/07/16 07:40:35 | 000,022,888 | ---- | M] () -- C:\Windows\assembly\GAC_32\HPTSEnUsr\1.0.0.0__661cda25fd3dfad3\HPTSEnUsr.dll
MOD - [2008/07/16 07:40:35 | 000,016,232 | ---- | M] () -- C:\Windows\assembly\GAC_32\HPTSEnCmn\1.0.0.0__9384b804f3886685\HPTSEnCmn.dll
MOD - [2008/05/26 02:42:02 | 000,434,176 | ---- | M] () -- C:\Program Files (x86)\SHARP\Sharpdesk\SCprMfpif.dll
MOD - [2008/05/26 02:34:24 | 000,006,144 | ---- | M] () -- C:\Program Files (x86)\SHARP\Sharpdesk\discoveryps.dll
MOD - [2008/05/26 02:28:18 | 000,217,088 | ---- | M] () -- C:\Program Files (x86)\SHARP\Sharpdesk\FtpServerps.dll
MOD - [2008/05/15 17:36:04 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\SmartCenter 2.0\SmartCenter.XmlSerializers.dll
MOD - [2008/05/15 17:35:52 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Controls\Controls.XmlSerializers.dll
MOD - [2008/05/15 17:35:50 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Messages\Messages.XmlSerializers.dll
MOD - [2008/05/15 04:31:02 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\Resources\resSMON2enu.dll
MOD - [2008/05/15 04:30:52 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\Resources\resSH4enu.dll
MOD - [2008/05/15 04:30:08 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\Resources\resSH3enu.dll
MOD - [2008/05/15 04:29:00 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\Resources\resC2Xenu.dll
MOD - [2008/05/15 04:28:58 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\Resources\resT651enu.dll
MOD - [2008/05/15 04:28:28 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\Resources\resSHDEVICEenu.dll
MOD - [2008/05/15 04:28:12 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\Resources\resAR507enu.dll
MOD - [2008/05/15 04:27:54 | 000,139,264 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\Resources\resAR200enu.dll
MOD - [2008/05/15 04:27:44 | 000,180,313 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\Smon.exe
MOD - [2008/05/15 04:27:38 | 000,135,263 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\Adapters\Sh4.dll
MOD - [2008/05/15 04:27:30 | 000,127,071 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\Adapters\Sh3.dll
MOD - [2008/05/15 04:27:22 | 000,127,076 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\Adapters\ShDevice.dll
MOD - [2008/05/15 04:27:14 | 000,094,305 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\Adapters\T651.dll
MOD - [2008/05/15 04:27:10 | 000,114,783 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\Adapters\C2x.dll
MOD - [2008/05/15 04:27:04 | 000,028,766 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\SMONPDB.DLL
MOD - [2008/05/15 04:27:00 | 000,065,635 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\Adapters\Ar507.dll
MOD - [2008/05/15 04:26:58 | 000,061,534 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\MIBaccs.dll
MOD - [2008/05/15 04:26:54 | 000,094,307 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\Adapters\Ar200.dll
MOD - [2008/05/15 04:26:50 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\CMSnmpWrapper.dll
MOD - [2008/04/24 14:59:42 | 000,783,656 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
MOD - [2008/04/24 14:59:34 | 000,013,096 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvcPS.dll
MOD - [2008/04/18 17:32:22 | 002,199,552 | ---- | M] () -- C:\Program Files (x86)\HP\Buttons & OSDs control application gen2\MediaButtons.exe
MOD - [2008/04/09 18:01:46 | 000,102,400 | ---- | M] () -- C:\WINDOWS\SysWOW64\OSDForm.exe
MOD - [2007/01/21 23:11:16 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\SMONIPRV.dll
MOD - [2007/01/09 04:25:30 | 000,034,352 | ---- | M] () -- c:\Program Files (x86)\CyberLink\Shared Files\richvideops.dll
MOD - [2006/11/07 20:22:14 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\HP\Buttons & OSDs control application gen2\BRIGHTNESS.dll
MOD - [2005/11/24 02:25:50 | 000,774,144 | ---- | M] () -- C:\Program Files (x86)\SHARP\Printer Status Monitor\CMSnmp2.dll
========== Services (SafeList) ==========
SRV:64bit: - [2012/11/16 21:10:22 | 000,383,608 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2012/11/09 06:37:30 | 000,177,680 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2012/11/09 06:34:50 | 000,218,320 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2012/11/09 06:33:08 | 000,241,016 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2008/07/15 15:09:48 | 000,111,616 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\AEADISRV.EXE -- (AEADIFilters)
SRV:64bit: - [2008/01/20 20:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/01/19 09:20:03 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/23 22:13:16 | 000,976,728 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2012/12/18 08:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/11/22 10:29:16 | 003,290,304 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/11/19 10:02:55 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/11/12 12:31:59 | 004,539,712 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll -- (Akamai)
SRV - [2012/09/28 18:12:44 | 000,832,664 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\WINDOWS\Temp\0185781358648089mcinst.exe -- (0185781358648089mcinstcleanup)
SRV - [2012/06/07 18:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/06/17 11:33:04 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService)
SRV - [2010/09/14 13:45:30 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/10/01 02:22:42 | 000,131,072 | ---- | M] (Intuit, Inc.) [On_Demand | Running] -- C:\Program Files (x86)\Intuit\QuickBooks 2009\QBDBMgrN.exe -- (QuickBooksDB19)
SRV - [2009/03/29 22:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/18 14:45:28 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2008/07/16 08:15:41 | 001,245,064 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2008/06/13 11:06:48 | 000,021,296 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe -- (CalendarSynchService)
SRV - [2008/05/03 14:15:42 | 000,101,376 | ---- | M] (Hewlett-Packard) [Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\HP Touch Screen Enhance Service\HPTSEnSrv.EXE -- (HP Touch Screen Enhance)
SRV - [2007/12/16 22:00:00 | 000,163,840 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE -- (EPSON_EB_RPCV4_01)
SRV - [2007/01/10 22:02:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012/12/23 22:13:34 | 000,101,688 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\RapportKE64.sys -- (RapportKE64)
DRV:64bit: - [2012/11/09 06:40:24 | 000,069,672 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2012/11/09 06:37:42 | 000,339,776 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2012/11/09 06:36:30 | 000,106,112 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2012/11/09 06:35:50 | 000,771,096 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2012/11/09 06:34:58 | 000,515,528 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2012/11/09 06:34:18 | 000,309,400 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2012/11/09 06:33:58 | 000,178,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/09 12:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/04/20 16:40:58 | 000,196,440 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK)
DRV:64bit: - [2012/02/29 07:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/07/27 12:48:14 | 000,014,952 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\iPodDrv.sys -- (iPodDrv)
DRV:64bit: - [2010/11/11 04:01:20 | 001,212,416 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\AVerAVF2.sys -- (AVerAVF2)
DRV:64bit: - [2010/03/04 02:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iastor.sys -- (iaStor)
DRV:64bit: - [2009/09/30 18:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/06/17 09:08:24 | 000,017,992 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OSDACPI.SYS -- (ACPIService)
DRV:64bit: - [2009/01/19 13:41:48 | 000,609,280 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\netr28x.sys -- (netr28x)
DRV:64bit: - [2008/07/08 18:44:36 | 000,492,544 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV:64bit: - [2008/05/06 15:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2008/02/14 08:56:14 | 000,160,768 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV - [2012/12/23 22:13:34 | 000,297,240 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys -- (RapportPG64)
DRV - [2012/12/23 22:13:34 | 000,055,096 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys -- (RapportEI64)
DRV - [2012/11/01 15:48:02 | 000,505,720 | ---- | M] () [Kernel | System | Running] -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\43926\RapportCerberus64_43926.sys -- (RapportCerberus_43926)
DRV - [2010/03/05 19:07:54 | 000,396,336 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20100510.001\IDSviA64.sys -- (IDSvia64)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.safesearc...398266676E843BB
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.safesearc...398266676E843BB
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {4B51C980-C6B0-11E1-9136-AED16088709B}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{4B51C980-C6B0-11E1-9136-AED16088709B}: "URL" = http://www.safesearc...398266676E843BB
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{9039911D-F3FC-4C26-A21B-2499F8B2F47B}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE:64bit: - HKLM\..\SearchScopes\{C039EE20-DBE6-4877-AB22-510A8701349C}: "URL" = http://search.yahoo....ing}&fr=hp-pvdt
IE:64bit: - HKLM\..\SearchScopes\{FC0C0170-4EB0-430D-A7F3-939EE7EA1A25}: "URL" = http://www.safesearc...398266676E843BB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...ossfire&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.safesearc...398266676E843BB
IE - HKLM\..\SearchScopes,DefaultScope = {4B51C980-C6B0-11E1-9136-AED16088709B}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{4B51C980-C6B0-11E1-9136-AED16088709B}: "URL" = http://www.safesearc...398266676E843BB
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9039911D-F3FC-4C26-A21B-2499F8B2F47B}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKLM\..\SearchScopes\{C039EE20-DBE6-4877-AB22-510A8701349C}: "URL" = http://search.yahoo....ing}&fr=hp-pvdt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.safesearc...398266676E843BB
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.safesearc...398266676E843BB
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{4B51C980-C6B0-11E1-9136-AED16088709B}: "URL" = http://www.safesearc...398266676E843BB
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:466...q={searchTerms}
IE - HKCU\..\SearchScopes\{732FC961-4F9C-497D-A3B7-E4BE3A40CDA5}: "URL" = http://websearch.ask...7B-1745703CCB42
IE - HKCU\..\SearchScopes\{9039911D-F3FC-4C26-A21B-2499F8B2F47B}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKCU\..\SearchScopes\{C039EE20-DBE6-4877-AB22-510A8701349C}: "URL" = http://search.yahoo....ing}&fr=hp-pvdt
IE - HKCU\..\SearchScopes\{FC0C0170-4EB0-430D-A7F3-939EE7EA1A25}: "URL" = http://www.safesearc...398266676E843BB
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "SafeSearch"
FF - prefs.js..browser.search.defaultenginename: "SafeSearch"
FF - prefs.js..browser.search.defaultthis.engineName: "SafeSearch Web Search"
FF - prefs.js..browser.search.defaulturl: "http://www.safesearc...98266676E843BB"
FF - prefs.js..browser.search.order.1: "SafeSearch"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledAddons: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0
FF - prefs.js..extensions.enabledAddons: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:6.5.0.11422
FF - prefs.js..keyword.URL: "http://www.safesearc....net/search?q="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@doubletwist.com/NPPodcast: C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll (doubleTwist Corporation)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\TH Montano\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\TH Montano\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\TH Montano\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\TH Montano\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2013/01/19 08:33:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2013/01/18 17:25:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/01/18 17:26:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2012/12/17 21:25:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\TH Montano\AppData\Roaming\Mozilla\Extensions
[2013/01/19 12:11:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\TH Montano\AppData\Roaming\Mozilla\Firefox\Profiles\nb2gwfpy.default\extensions
[2012/12/17 21:25:01 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Users\TH Montano\AppData\Roaming\Mozilla\Firefox\Profiles\nb2gwfpy.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2013/01/18 17:29:59 | 000,000,000 | ---D | M] (Ask Toolbar Toolbar) -- C:\Users\TH Montano\AppData\Roaming\Mozilla\Firefox\Profiles\nb2gwfpy.default\extensions\[email protected]
[2013/01/18 17:29:59 | 000,000,000 | ---D | M] (We-Care App) -- C:\Users\TH Montano\AppData\Roaming\Mozilla\Firefox\Profiles\nb2gwfpy.default\extensions\wecarereminder@bryan
[2012/12/17 21:25:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/01/18 17:26:43 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/12/17 21:25:18 | 000,000,000 | ---D | M] (DataMngr) -- C:\PROGRAM FILES (X86)\SEARCHQU TOOLBAR\DATAMNGR\FIREFOXEXTENSION
[2012/11/19 10:02:56 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/04/14 13:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2012/08/30 12:58:13 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/12/17 21:24:34 | 000,002,519 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
[2012/11/14 16:43:50 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\TH Montano\AppData\Local\Google\Chrome\Application\24.0.1312.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\TH Montano\AppData\Local\Google\Chrome\Application\24.0.1312.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\TH Montano\AppData\Local\Google\Chrome\Application\24.0.1312.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\npSkypeChromePlugin.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Users\TH Montano\AppData\Local\Google\Chrome\Application\plugins\npMozCouponPrinter.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\TH Montano\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\TH Montano\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: doubletwist Plugin 1, 3, 0, 0 (Enabled) = C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll
CHR - Extension: Google Translate = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.4_0\
CHR - Extension: Entanglement = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\
CHR - Extension: Bejeweled = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm\2_0\
CHR - Extension: Angry Birds = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Keep Thinking Different = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammgpoopafhlhahgjlbgdiddnjjdidnb\3_0\
CHR - Extension: AddThis - Share & Bookmark (new) = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbogdmdefihhljhfeiklfiedefalcde\2.9.9_0\
CHR - Extension: Word Search = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnjkggjhcbohgnikmegjkodmakmimlkj\1.0.0.1_0\
CHR - Extension: Word Search = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnjkggjhcbohgnikmegjkodmakmimlkj\1.0.0.1_0\~
CHR - Extension: SiteAdvisor = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\
CHR - Extension: ShopAtHome.com extension = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\igapgnpnmadafimalefljcfplikonjpp\6.0.9.2_0\
CHR - Extension: 60 Minutes = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\imjhdahelgojehmfmkmdfjcpfbglbfmj\0.60_0\
CHR - Extension: We-Care Reminder = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\ippkomaaonokjnfjoikaemidanojkfmm\1.0.0.25_0\
CHR - Extension: Google Voice (by Google) = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo\2.3.6.8_0\
CHR - Extension: Wave Accounting = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\knpkfcpnjfbniadmfchjpcigfhookhaa\1.9.5_0\
CHR - Extension: Skype Click to Call = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.5.0.11422_0\
CHR - Extension: Word\u00B2 = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpibnckjjeaabeepofhfmmpjmnomohee\2.5_0\
CHR - Extension: Poppit = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\
CHR - Extension: Google Mail Checker = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: Curling = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhalnajmigjnpjpdbpkpgfhekbjmolhp\1.0.10_0\
CHR - Extension: Schoolshape = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\njbnimabkphheebjheolifjlfgelkjhi\2.3_0\
CHR - Extension: Learn Spanish - Qu\u00E9 Onda Spanish = C:\Users\TH Montano\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmcdjmebmeoobmdghjbjhbifoocbcmaj\1_0\
O1 HOSTS File: ([2006/09/18 15:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120621162043.dll (McAfee, Inc.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg64.dll (Google Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (PodcastBHO Class) - {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll (doubleTwist Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~2\COMMON~1\SYMANT~1\IDS\IPSBHO.dll File not found
O2 - BHO: (CmjBrowserHelperObject Object) - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120621162043.dll (McAfee, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (WeCareReminder Class) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe File not found
O4:64bit: - HKLM..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" File not found
O4:64bit: - HKLM..\Run: [SN0XRCV] C:\Windows\SysNative\spool\drivers\x64\3\SN0XRCV.exe (SHARP CORPORATION)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [WrtMon.exe] C:\Windows\SysNative\spool\drivers\x64\3\WrtMon.exe (NewSoft Technology Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Buttons & OSDs control application gen2] C:\Program Files (x86)\HP\Buttons & OSDs control application gen2\MediaButtons.exe ()
O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FtpServer.exe] C:\Program Files (x86)\Sharp\Sharpdesk\FtpServer.exe (SHARP CORPORATION)
O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [HP KEYBOARD] C:\Program Files (x86)\Hewlett-Packard\HP KEYBOARD\HPKEYBOARD.EXE (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IndexTray] C:\Program Files (x86)\Sharp\Sharpdesk\IndexTray.exe (SHARP CORPORATION)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [LTCM Client] C:\Program Files (x86)\LTCM Client\ltcmClient.exe (Leader Technologies Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [MMReminderService] C:\Program Files (x86)\Mindjet\MindManager 10\MmReminderService.exe (Mindjet)
O4 - HKLM..\Run: [OsdMaestro] c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe (OsdMaestro)
O4 - HKLM..\Run: [SharpTray] C:\Program Files (x86)\Sharp\Sharpdesk\SharpTray.exe (SHARP CORPORATION)
O4 - HKLM..\Run: [SoundMAX] C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [TSMAgent] c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [TypeRegChecker] C:\Program Files (x86)\Sharp\Sharpdesk\TypeRegChecker.exe (SHARP CORPORATION)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\TH Montano\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [doubleTwist] C:\Program Files (x86)\doubleTwist 2.0\DoubleTwist.DeviceHelper.exe (doubleTwist Corporation)
O4 - HKCU..\Run: [EPSON WorkForce 310 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFHA.EXE /FU "C:\Users\THMONT~1\AppData\Local\Temp\E_SB374.tmp" /EF "HKCU" File not found
O4 - HKCU..\Run: [HPSmartCenterBoot] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\SmartCenter 2.0\SmartCenter.exe (Hewlett-Packard)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe File not found
O4 - HKCU..\Run: [MPOptimizer] "C:\Program Files\MaxPerforma Optimizer\MaxPerforma.exe" /scan File not found
O4 - HKCU..\Run: [PMSpeed] C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\PMSpeed.exe (NewSoft Technology Corporation)
O4 - HKCU..\Run: [Speech Recognition] C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O4 - Startup: C:\Users\TH Montano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\TH Montano\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\TH Montano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft SharePoint Workspace.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Send Image To MindManager - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
O8:64bit: - Extra context menu item: Send Link To MindManager - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
O8:64bit: - Extra context menu item: Send Page To MindManager - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
O8:64bit: - Extra context menu item: Send Text To MindManager - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
O8 - Extra context menu item: Send Image To MindManager - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
O8 - Extra context menu item: Send Link To MindManager - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
O8 - Extra context menu item: Send Page To MindManager - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
O8 - Extra context menu item: Send Text To MindManager - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll ()
O9 - Extra Button: Send to Mindjet MindManager - {2F72393D-2472-4F82-B600-ED77F354B7FF} - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15:64bit: - ..Trusted Ranges: Range1 ([*] in Trusted sites)
O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)
O15 - HKLM\..Trusted Ranges: Range1 ([*] in Trusted sites)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E7D49925-5B22-4BE0-AD19-9276052AC21F}: DhcpNameServer = 10.0.1.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\intu-help-qb2 - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\qbwc - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\sds - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\intu-help-qb2 {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files (x86)\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sds {79E0F14C-9C52-4218-89A7-7C4B0563D121} - C:\Program Files (x86)\SHARP\Sharpdesk\ExplorerExtensions.dll (SHARP CORPORATION)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~2\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\TH Montano\Pictures\community_support_img.jpg
O24 - Desktop BackupWallPaper: C:\Users\TH Montano\Pictures\community_support_img.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/18 15:12:18 | 000,000,088 | ---- | M] () - G:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{0c40df47-9aa4-11df-80b4-00247e27004a}\Shell - "" = AutoRun
O33 - MountPoints2\{0c40df47-9aa4-11df-80b4-00247e27004a}\Shell\AutoRun\command - "" = "H:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{9e0ebc8a-85e6-11df-908c-00247e27004a}\Shell - "" = AutoRun
O33 - MountPoints2\{9e0ebc8a-85e6-11df-908c-00247e27004a}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O33 - MountPoints2\{f15cfd9c-3206-11df-8a2b-00247e27004a}\Shell - "" = AutoRun
O33 - MountPoints2\{f15cfd9c-3206-11df-8a2b-00247e27004a}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013/01/21 16:42:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis
[2013/01/21 16:42:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2013/01/19 16:22:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\doubleTwist
[2013/01/19 16:22:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\doubleTwist
[2013/01/19 16:21:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\doubleTwist 2.0
[2013/01/19 11:52:13 | 000,000,000 | ---D | C] -- C:\Users\TH Montano\Documents\Add-in Express
[2013/01/19 11:51:33 | 000,000,000 | ---D | C] -- C:\Users\TH Montano\AppData\Roaming\AVSoftware
[2013/01/19 11:51:10 | 000,000,000 | ---D | C] -- C:\Program Files\SafeSearch
[2013/01/19 09:47:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/01/19 09:46:22 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/01/19 09:46:19 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/01/19 09:46:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013/01/19 09:46:19 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013/01/19 08:45:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013/01/18 13:37:14 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013/01/18 13:37:14 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/01/05 16:21:33 | 000,000,000 | ---D | C] -- C:\Users\TH Montano\Documents\VOIP Phone
[2013/01/03 21:32:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2013/01/03 21:26:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2013/01/03 21:21:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2013/01/03 21:18:50 | 000,000,000 | ---D | C] -- C:\Users\TH Montano\AppData\Local\Microsoft Corporation
[2013/01/03 21:18:25 | 000,000,000 | ---D | C] -- C:\Users\TH Montano\AppData\Local\Windows Live
[2013/01/03 21:18:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2013/01/03 21:16:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Windows 7 Upgrade Advisor
[2010/07/12 10:44:17 | 001,228,416 | ---- | C] (Adobe Systems Incorporated) -- C:\Users\TH Montano\DesignPremium_CS5_LS1.exe
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/01/21 16:42:32 | 000,001,930 | ---- | M] () -- C:\Users\TH Montano\Desktop\HijackThis.lnk
[2013/01/21 16:26:00 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-937415962-3640826716-1896864481-1000UA.job
[2013/01/21 16:19:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/01/21 16:10:01 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/21 16:04:42 | 000,003,744 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/21 16:04:42 | 000,003,744 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/20 18:26:00 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-937415962-3640826716-1896864481-1000Core.job
[2013/01/20 18:10:01 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/20 17:36:25 | 000,000,508 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for TH Montano.job
[2013/01/19 20:03:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/19 16:35:43 | 000,768,766 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/01/19 16:35:43 | 000,648,920 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/01/19 16:35:43 | 000,122,776 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/01/19 16:22:30 | 000,001,930 | ---- | M] () -- C:\Users\TH Montano\Application Data\Microsoft\Internet Explorer\Quick Launch\doubleTwist.lnk
[2013/01/19 16:22:30 | 000,001,906 | ---- | M] () -- C:\Users\Public\Desktop\doubleTwist.lnk
[2013/01/19 12:10:56 | 000,000,258 | RHS- | M] () -- C:\Users\TH Montano\ntuser.pol
[2013/01/19 09:47:26 | 000,001,696 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/01/19 09:27:51 | 000,002,071 | ---- | M] () -- C:\Users\TH Montano\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/01/19 09:27:51 | 000,002,069 | ---- | M] () -- C:\Users\TH Montano\Desktop\Google Chrome.lnk
[2013/01/19 08:47:31 | 000,000,958 | ---- | M] () -- C:\Users\TH Montano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/01/19 08:47:18 | 000,000,936 | ---- | M] () -- C:\Users\TH Montano\Desktop\Dropbox.lnk
[2013/01/19 08:39:58 | 000,000,482 | ---- | M] () -- C:\Windows\tasks\SDMsgUpdate (TE).job
[2013/01/19 08:37:15 | 000,000,435 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2013/01/19 08:35:43 | 000,493,360 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/01/18 19:10:23 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2013/01/18 19:08:25 | 000,763,680 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/01/18 13:46:35 | 000,009,500 | ---- | M] () -- C:\Users\TH Montano\AppData\Local\d3d9caps64.dat
[2013/01/18 13:37:59 | 000,001,356 | ---- | M] () -- C:\Users\TH Montano\AppData\Local\d3d9caps.dat
[2013/01/07 19:17:07 | 000,810,630 | ---- | M] () -- C:\Users\TH Montano\AppData\Roaming\fontlst2.opf
[2013/01/04 08:19:56 | 000,090,425 | ---- | M] () -- C:\Users\TH Montano\Desktop\Windows 7 Upgrade Advisor results.mht
[2012/12/23 22:13:34 | 000,101,688 | ---- | M] (Trusteer Ltd.) -- C:\Windows\SysNative\drivers\RapportKE64.sys
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/01/21 16:42:32 | 000,001,930 | ---- | C] () -- C:\Users\TH Montano\Desktop\HijackThis.lnk
[2013/01/19 16:22:30 | 000,001,930 | ---- | C] () -- C:\Users\TH Montano\Application Data\Microsoft\Internet Explorer\Quick Launch\doubleTwist.lnk
[2013/01/19 16:22:30 | 000,001,906 | ---- | C] () -- C:\Users\Public\Desktop\doubleTwist.lnk
[2013/01/19 11:51:41 | 000,000,258 | RHS- | C] () -- C:\Users\TH Montano\ntuser.pol
[2013/01/19 09:47:26 | 000,001,696 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/01/04 08:19:49 | 000,090,425 | ---- | C] () -- C:\Users\TH Montano\Desktop\Windows 7 Upgrade Advisor results.mht
[2012/12/16 22:30:09 | 000,000,000 | ---- | C] () -- \extensions.sqlite
[2012/08/01 21:03:46 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\HPPLVS.dll
[2012/06/16 15:30:02 | 000,763,680 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/04/26 17:39:02 | 000,032,768 | ---- | C] () -- C:\Windows\SysWow64\ktdll.dll
[2012/03/03 15:33:41 | 000,009,500 | ---- | C] () -- C:\Users\TH Montano\AppData\Local\d3d9caps64.dat
[2011/07/21 15:58:31 | 000,000,016 | ---- | C] () -- C:\Windows\popcinfo.dat
[2011/07/20 01:29:44 | 000,212,545 | ---- | C] () -- C:\Users\TH Montano\coverup.jpg
[2011/06/20 15:22:01 | 000,002,048 | ---- | C] () -- C:\Users\TH Montano\AppData\Roaming\Photobook Designer Prefs
[2011/01/26 12:56:29 | 000,072,080 | ---- | C] () -- C:\Users\TH Montano\g2mdlhlpx.exe
[2010/07/12 10:44:17 | 3052,655,417 | ---- | C] () -- C:\Users\TH Montano\DesignPremium_CS5_LS1.7z
[2010/07/01 16:44:51 | 000,000,133 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2010/06/23 13:06:22 | 000,000,970 | ---- | C] () -- C:\Users\TH Montano\AppData\Roaming\wklnhst.dat
[2010/06/04 15:39:58 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/05/14 15:00:26 | 000,028,314 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/05/14 08:07:06 | 000,028,314 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/03/17 14:55:01 | 000,810,630 | ---- | C] () -- C:\Users\TH Montano\AppData\Roaming\fontlst2.opf
[2010/03/15 18:33:34 | 000,053,248 | ---- | C] () -- C:\Users\TH Montano\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/12 13:23:42 | 000,001,356 | ---- | C] () -- C:\Users\TH Montano\AppData\Local\d3d9caps.dat
[2008/07/16 08:11:36 | 000,008,192 | R-S- | C] () -- \BOOTSECT.BAK
[2008/07/16 08:11:34 | 000,333,257 | RHS- | C] () -- \bootmgr
[2006/12/02 00:37:14 | 000,904,704 | ---- | C] () -- \msdia80.dll
========== ZeroAccess Check ==========
[2006/11/02 09:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 11:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 11:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 01:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 00:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/20 20:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2011/08/30 16:13:35 | 000,000,000 | ---D | M] -- C:\Users\TH Montano\AppData\Roaming\.minecraft
[2013/01/19 08:44:03 | 000,000,000 | ---D | M] -- C:\Users\TH Montano\AppData\Roaming\.oit
[2013/01/19 11:51:33 | 000,000,000 | ---D | M] -- C:\Users\TH Montano\AppData\Roaming\AVSoftware
[2010/07/27 09:37:20 | 000,000,000 | ---D | M] -- C:\Users\TH Montano\AppData\Roaming\bppenu11
[2012/04/26 17:39:01 | 000,000,000 | ---D | M] -- C:\Users\TH Montano\AppData\Roaming\CompuCram
[2013/01/19 08:47:38 | 000,000,000 | ---D | M] -- C:\Users\TH Montano\AppData\Roaming\Dropbox
[2012/08/30 15:17:37 | 000,000,000 | ---D | M] -- C:\Users\TH Montano\AppData\Roaming\Epson
[2010/03/12 13:30:27 | 000,000,000 | ---D | M] -- C:\Users\TH Montano\AppData\Roaming\LabTech Software
[2010/03/18 14:33:32 | 000,000,000 | ---D | M] -- C:\Users\TH Montano\AppData\Roaming\Leader Technologies
[2010/03/18 14:30:33 | 000,000,000 | ---D | M] -- C:\Users\TH Montano\AppData\Roaming\Leadertech
[2012/05/02 13:34:38 | 000,000,000 | ---D | M] -- C:\Users\TH Montano\AppData\Roaming\OpenCandy
[2011/06/20 15:21:28 | 000,000,000 | ---D | M] -- C:\Users\TH Montano\AppData\Roaming\Photobook Designer
[2010/04/13 17:42:36 | 000,000,000 | ---D | M] -- C:\Users\TH Montano\AppData\Roaming\SHARP
[2010/03/17 14:55:06 | 000,000,000 | ---D | M] -- C:\Users\TH Montano\AppData\Roaming\Sharpdesk
[2013/01/18 17:29:59 | 000,000,000 | ---D | M] -- C:\Users\TH Montano\AppData\Roaming\SmartDraw
[2010/06/23 13:06:47 | 000,000,000 | ---D | M] -- C:\Users\TH Montano\AppData\Roaming\Template
[2010/03/15 07:52:00 | 000,000,000 | ---D | M] -- C:\Users\TH Montano\AppData\Roaming\WinBatch
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:A3E39C6A
< End of report >